Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / certservice / 61319d09b01f8dadd1d511f9c8965589c0b9706c / . / docs / sections / configuration.rst
blob: d49c86bdaf936b4e965368f14ecbfb935601cac8 [file] [log] [blame]
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]1.. This work is licensed under a Creative Commons Attribution 4.0 International License.
2.. http://creativecommons.org/licenses/by/4.0
3.. Copyright 2020 NOKIA
4
5Configuration
6=============
7
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]8Standalone docker container
9---------------------------
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]10
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]11Certification Service Client image:
12
13.. code-block::
14
15 nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
16
17
181. Create file with environments as in example below.
19
20.. code-block::
21
22 #Client envs
23 REQUEST_URL=http://aaf-cert-service-service:8080/v1/certificate/
24 REQUEST_TIMEOUT=1000
25 OUTPUT_PATH=/var/certs
26 CA_NAME=RA
27 #Csr config envs
28 COMMON_NAME=onap.org
29 ORGANIZATION=Linux-Foundation
30 ORGANIZATION_UNIT=ONAP
31 LOCATION=San-Francisco
32 STATE=California
33 COUNTRY=US
34 SANS=test.onap.org:onap.com
35
36
372. Run docker container with environments file and docker network (API and client must be running in same network).
38
39.. code-block:: bash
40
41 AAFCERT_CLIENT_IMAGE=nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
42 DOCKER_ENV_FILE= <path to environment file>
43 NETWORK_CERT_SERVICE= <docker network of cert service>
44 DOCKER_VOLUME="<absolute path to local dir>:<output path>"
45
46 docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]47
48
49
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]50Init Container for K8s
51----------------------
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]52
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]53Example deployment:
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]54
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]55.. code-block:: yaml
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]56
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]57 ...
58 kind: Deployment
59 metadata:
60 ...
61 spec:
62 ...
63 template:
64 ...
65 spec:
66 containers:
67 - image: sample.image
68 name: sample.name
69 ...
70 volumeMounts:
71 - mountPath: /var/certs #CERTS CAN BE FOUND IN THIS DIRECTORY
72 name: certs
73 ...
74 initContainers:
75 - name: cert-service-client
76 image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
77 imagePullPolicy: Always
78 env:
79 - name: REQUEST_URL
80 value: http://aaf-cert-service-service:8080/v1/certificate/
81 - name: REQUEST_TIMEOUT
82 value: "1000"
83 - name: OUTPUT_PATH
84 value: /var/certs
85 - name: CA_NAME
86 value: RA
87 - name: COMMON_NAME
88 value: onap.org
89 - name: ORGANIZATION
90 value: Linux-Foundation
91 - name: ORGANIZATION_UNIT
92 value: ONAP
93 - name: LOCATION
94 value: San-Francisco
95 - name: STATE
96 value: California
97 - name: COUNTRY
98 value: US
99 - name: SANS
100 value: test.onap.org:onap.com
101 volumeMounts:
102 - mountPath: /var/certs
103 name: certs
104 ...
105 volumes:
106 -emptyDir: {}
107 name: certs
108 ...
Bogumil Zebek483ccbf2020-03-25 11:54:11 +0100[diff] [blame]109
Tomasz Wrobel71986212020-03-26 09:43:41 +0100[diff] [blame]110